{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"RealPlayer 8 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"RealPlayer Enterprise.","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"RealOne Player v2 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"RealPlayer 10 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"RealOne Player ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDeux vuln\u00e9rabilit\u00e9s de type d\u00e9bordement de m\u00e9moire sont pr\u00e9sentes dans\nle logiciel Real Player :\n\n-   une mauvaise gestion des URL contenant un grand nombre de caract\u00e8res\n    \".\" ;\n-   une faille dans le composant embd3260.dll \u00e0 la cr\u00e9ation d'un message\n    d'erreur lors de la r\u00e9ception d'un fichier invalide.\n\nPar le biais d'un site habilement constitu\u00e9, un individu mal intentionn\u00e9\npeut forcer l'ex\u00e9cution de code arbitraire \u00e0 distance sur le poste d'un\nutilisateur employant une version vuln\u00e9rable de Real Player.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur (cf. section\nDocumentation) pour l'obtention des correctifs.\n","cves":[],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 de Real Networks du 10 juin 2004 :","url":"http://service.real.com/help/faq/security/040610_player/EN"},{"title":"Avis de s\u00e9curit\u00e9 06.10.04 d'iDefense :      \"","url":"http://www.idefense.com/application/poi/display?id=109&type=vulnerabilities"},{"title":"Avis de s\u00e9curit\u00e9 AD20040610 d'eEye :","url":"http://www.eeye.com/html/research/advisories/AD20040610.html"}],"reference":"CERTA-2004-AVI-194","revisions":[{"description":"version initiale.","revision_date":"2004-06-11T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":null,"title":"Multiples vuln\u00e9rabilit\u00e9s de RealPlayer","vendor_advisories":[{"published_at":null,"title":"Avis de s\u00e9curit\u00e9 de Real Networks du 10 juin 2004","url":null},{"published_at":null,"title":"Avis de s\u00e9curit\u00e9 d'iDefense","url":null},{"published_at":null,"title":"Avis de s\u00e9curit\u00e9 d'eEye","url":null}]}